Configuring NTLM queries

Users : Offloading HTTP authentication & authorization : Configuring queries for remote end-user accounts : Configuring NTLM queries

NT LAN Manager (NTLM) queries can be made to a Microsoft Windows or Active Directory server that is configured for NTLM authentication. FortiWeb supports both NTLM v1 and NTLM v2.

FortiWeb can use NTLM queries to authenticate and authorize HTTP requests. For more information, see “Applying user groups to an authorization realm”.

To configure an NTLM query

1. Go to User > Remote Server > NTLM Server.

To access this part of the web UI, your administrator's account access profile must have Read and Write permission to items in the Auth Users category. For details, see “Permissions”.

2. Click Create New.

A dialog appears.

3. In Name, type a unique name that can be referenced by other parts of the configuration. This is the name of the query only, not the end-user’s account name/login. Do not use spaces or special characters. The maximum length is 35 characters.

4. For Server IP, type the IP address of the NTLM server to query.

5. For Port, type the TCP port number where the NTLM server listens for queries.

6. Click OK.

7. To activate the user account, you must indirectly include it in a server policy that governs connections to your web servers. Continue with “Grouping users”. (For an overview, see “To configure and activate end-user accounts”.)